我在网络应用程序中使用Jersey。发送到服务器的数据是JSON格式,而后者在服务器端解组,获得的对象用于进一步处理。安全审计为这种方法带来了一些漏洞。
public Response registerManga(MangaBean mBean){
System.out.println(mBean);
return Response.status(200).build();
}
MangaBean:
public class MangaBean {
public String title;
public String author;
@Override
public String toString() {
return "MangaBean [title=" + title + ", author=" + author + "]";
}
public String getTitle() {
return title;
}
public void setTitle(String title) {
this.title = title;
}
public String getAuthor() {
return author;
}
public void setAuthor(String author) {
this.author = author;
}
}